iPhone update prevents USB hacks

Apple once again foils law enforcement.

Apple has closed an iPhone and iPad vulnerability commonly used by law enforcement.

The extra layer of protection comes as part of the iOS 11.4.1 update, which equipped iOS devices with a new USB Restricted Mode.

The mode will protect Apple iOS products from USB devices used to crack passcodes.

Restricted Mode kicks in when an iPhone or iPad is left locked for an hour. After this hour the Lighting port will be disabled for all purposes other than charging.

Users can turn the feature on and off in a toggle under Settings.

“If you don’t first unlock your password-protected iOS device — or you haven’t unlocked and connected it to a USB accessory within the past hour — your iOS device won’t communicate with the accessory or computer, and in some cases, it might not charge,” Apple explains on its support site.

The new feature comes as Apple continues its customer-focused security approach.

“At Apple, we put the customer at the center of everything we design,” Apple said in a statement to Reuters.

“We're constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data.

“We have the greatest respect for law enforcement, and we don't design our security improvements to frustrate their efforts to do their jobs.”

Unsurprisingly, the internet appears to have already figured out a way around Apple’s latest control.

Engineer at Russian software company ElcomSoft, Oleg Afonin, explained in a blog post that the system can be “fooled” by immediately connecting the iPhone to a lightning accessory when it is seized.

“What we discovered is that iOS will reset the USB Restrictive Mode countdown timer even if one connects the iPhone to an untrusted USB accessory,” said Afonin.

“In other words, once the police officer seizes an iPhone, he or she would need to immediately connect that iPhone to a compatible USB accessory to prevent USB Restricted Mode lock after one hour.

“Importantly, this only helps if the iPhone has still not entered USB Restricted Mode.”

The update follows the slow deployment of devices like the GrayKey, which was developed in late 2017 by United States company Grayshift (which was reportedly co-founded by an ex-Apple security engineer).

The GrayKey is a small box with two lightning cables which can be plugged into iOS devices. Once connected, the device bypasses security measures and repeatedly attempts to guess the code until it has a match.

Once the GrayKey has figured it out the phone will display a black screen with the passcode displayed.

At US$15,000 per unit, GrayKeys are beginning to be purchased by authorities across the United States.

The backdoor problem

The added security mode comes two years after Apple went toe to toe with the US government on iPhone security.

The 2016 imbruglio followed the San Bernadino shooting that left 14 dead.

Although the FBI secured the iPhone 5C of the shooter, Apple refused to create a ‘backdoor’ for the FBI to use to unlock the phone, saying that if it created a backdoor for law enforcement, that backdoor could potentially also be exploited by cyber criminals.

Israeli company Cellebrite was eventually called on by the FBI and managed to unlock the phone using a device similar to the GrayKey.

Edward Pollitt

Edward Pollitt After starting as an intern for Information Age in 2017, Edward is now a full-time journalist with the publication. He covers a range of topics that relate to the technology sector, with a particular interest in start-ups, digital transformation and cyber security.